For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Root44's avatar
Root44
Icon for Altostratus rankAltostratus
Feb 22, 2016

SSL logging impact on f5?

Hello Experts,

 

I was just curious if there would be any impact on performance of f5 if we enabled SSL logging? I found out hot to do it but I don't want to mess up the entire infrastructure. Please let me know if it will slow the working performance of the f5, affect other VIPs configuration or any error/outage at all.

 

https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15292.html

 

Thank you all, you are the best.

 

R

 

application delivery
BIG-IP
devops
LTM
serverssl
ssl
ssl cert
ssl two-way
TMSH

1 Reply

  • Hannes_Rapp's avatar
    Hannes_Rapp
    Icon for Nimbostratus rankNimbostratus
    Feb 22, 2016

    Hi,

    An iRule which logs SSL handshake details to a Remote Syslog server (HSL) would not be a problem. Test in QA first and after a successful test in QA, proceed to PROD by progressively enabling it on more Virtual Servers (don't have to implement for all services at once).

    • When using an iRule logging solution, try to avoid on-appliance logging if possible (i.e. /var/log/ltm or /var/log/user.notice). If you need a permanent solution, go for remote logging (HSL).
    • If you were thinking about SSL Debug as your logging solution (
      tmsh modify /sys db log.ssl.level value Debug
      ), I would not recommend that as your permanent SSL logging solution since it does not qualify for one. Any built-in debug commands are meant to be used for short-term to troubleshooting on-going incidents or problems.